Azure AD Connect: New version 1.1.561.0 available

A new version of Azure AD Connect is available since yesterday.

This release expands the scope of automatic upgrade to a wider scope, so there is an action needed if you don’t want that:

The scope expansion of the Automatic Upgrade feature affects customers with Azure AD Connect build and after. If you do not want your Azure AD Connect server to be automatically upgraded, you must run following cmdlet on your Azure AD Connect server: 

Set-ADSyncAutoUpgrade -AutoUpgradeState disabled.


You can download the new version from HERE.

Continue reading “Azure AD Connect: New version 1.1.561.0 available”

AADConnect 1.1 SyncScheduler Issue: DateTime Error and Scheduler not working

I recently installed Azure AD Connect 1.1 (Build in my demolab.
I installed on a fresh Windows Server 2012 R2 with latest hotfixes and done the following:

  • Install AADC in Custom Setting Mode
  • Done all settings (which are not relevant to that issue)
  • Disabled direct start of Scheduler to modify sync rules
  • Re-Run AADC Wizard and activated the now internal Scheduler

But when checking SyncCycle within the Sync Service Manager I cloud not see any syncs.

Continue reading “AADConnect 1.1 SyncScheduler Issue: DateTime Error and Scheduler not working”

New Release: Azure AD Connect 1.1 is GA

A new release of Azure AD Connect is now GA, its version number is 1.1 or build

Check the download page here and also the release version history here.
There is also a post on Alex Directoy Blog with some more details on the new features.

This are the new features and fixed issues in that release, as you can see it brings some new main features:

Continue reading “New Release: Azure AD Connect 1.1 is GA”

AADConnect: Updated build (1.0.8667) available

If you look at the current download page of Azure AD Connect (AADC) you will see there is a new build (Version 1.0.8667) available since 8/20/2015.

Azure AD Connect Download Page

You can get a list of improvements and fixes here:

Azure AD Connect: Version Release History


Azure AD Connect (AADConnect) now generally available (GA)

Today I saw the announcement of GA of AADConnect on the Microsoft Directory blog:

You can download the binaries from here.

AADConnect is a complete replacement and enhancement to DirSync and also AADSync.
With the release of this RTM both older tools should be in your mind as deprecated.

Here are some features provides by AADConnect:

  • Enable your users to perform self-service password reset in the cloud with write-back to on premises AD
  • Enable provisioning from the cloud with user write back to on premises AD
  • Enable write back of “Groups in Office 365” to on premises distribution groups in a forest with Exchange
  • Enable device write back so that your on-premises access control policies enforced by ADFS can recognize devices that registered with Azure AD. This includes the recently announced support for Azure AD Join in Windows 10.
  • Sync custom directory attributes to your Azure Active Directory tenant and consume it from your cloud applications
  • Multi Forest Support
  • Wizard for setting up ADFS and WAP Server directly from the main wizard via Remote PowerShell
  • Staging Mode for testing or other purposes

Keep in mind even this is a RTM you will eventually face some issues because some of the features like user writeback are still in preview in Azure AD.

In addition Azure AD Connect health has also reached GA.


Note2Self: Directory Integration Tools Overview

If you’re asking yourself the question which of the current directory tools to chose, here is some help:

I found this nice overview in the Azure MSDN library documentation:

On that documentation still FIM 2010 R2 with WAAD Connector is listed as an option, but you should not use that for any new deployments anymore, beside you have very special requirements (like multitenant) and only using that scenario as in interim solution until AADConnect will support that in future.


Preview 2 of Azure AD Connect (AADConnect) is available

Yesterday (on March 20. 2015) Microsoft released the next preview of the cloud (bridge) synchronization tool AADConnect (called Public Preview March 2015).

You can download and test the “fresh” release via the Microsoft Connect site for AADConnect.

Beside the features of the last preview like multi-forest support, password write-back you can now also test group and user write-back from the cloud to on-prem AD.

AADConnect can also setup your ADFS and WAP servers directly from the AADConnect wizard for using SSO with ADFS.
Some of the features (like write-back’s) require a Azure AD Premium license.

The new Preview of AADConnect also provides a very new “neat” feature, beside filter on-premise objects to be synchronized to the cloud by organizationalUnit and attribute values, you are now able to filter objects based on on-premise (AD) group membership. (See screenshots below).

Also the hint for not using this in production has gone, so if you need to implement this right now, contact product group for more information and joining a TAP program.

I’ve done a fast install and configuration in advanced mode:

Continue reading “Preview 2 of Azure AD Connect (AADConnect) is available”

Azure Active Directory Connect Public Preview 1 available on Connect

On Dezember 11.2014 Microsoft releases the Public Preview 1 of the upcoming version of Azure Active Directory Connect (AAD Sync). You can download the binary after registration on this Microsoft Connect Site if not already registered.
Here is the description from the connect site:

The Azure AD Connect wizard Public Preview 1 provides a guided experience for integrating one or multiple Active Directory forests with Microsoft Azure AD.  Optionally you can configure Exchange Hybrid deployment, password change write-back, AD FS and Web Application Proxy.


This fits to the latest post on the AD blog about General Availability (GA) of the following Azure AD features:

Generally available (GA) as of today:

  • Password write-back in Azure AD Sync: Users can now change their passwords in the cloud and have the change flow all the way back to your on-premises AD.
  • The Azure AD App Proxy: This proxy makes it easy to give your employees secure access to on-premises applications like SharePoint and Exchange/OWA from the cloud without having to muck around with your DMZ.

And in public preview:

  • Question based security gates for use in password resets
  • Admins can add their own password SSO based SaaS apps to Azure AD
  • And probably the most exciting news of all – Administrative Units (AUs). AU’s are like OUs modernized for the cloud. They let you sub-divide your Azure Active Directory, enabling the separation of administrative duties and policy creation across a large company.

Finally we are making Azure AD Premium available for direct online purchase, using a credit card, in the Office 365 admin portal (you do not need to be an existing Office 365 customer to buy).

Overview of current Azure AD sync tools and which to choose.

Because I was not on Microsoft TechEd 2014 in Barcelona, I watched a lot of the videos regarding Identity Management and Azure AD. Seems to me Hybrid Identity is the great keyword in future.

A lot of slides and videos has sync service from on-premise to Azure AD on their topic, there were also a preview of the next release of AAD Sync / AAD Connector.

Thinking about all the current Sync Tools I thought it was a good idea to write a short explanation on all this tools and which to choose. In addition what to use FIM/MIM for.

Currently you can use the following four tools:
Continue reading “Overview of current Azure AD sync tools and which to choose.”